Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-2236 (GCVE-0-2024-2236)
Vulnerability from cvelistv5 – Published: 2024-03-06 22:07 – Updated: 2026-02-25 19:22
VLAI
EPSS
Title
Libgcrypt: vulnerable to marvin attack
Summary
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Severity
5.9 (Medium)
CWE
- CWE-385 - Covert Timing Channel
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:9404 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2025:3530 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2025:3534 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-2236 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2245218 | issue-trackingx_refsource_REDHAT |
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 9.4.0
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.10.0-11.el9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.10.0-11.el9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:1.10.0-10.el9_2.1 , < *
(rpm)
cpe:/o:redhat:rhel_eus:9.2::baseos cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support |
Unaffected:
0:1.10.0-10.el9_4.1 , < *
(rpm)
cpe:/o:redhat:rhel_eus:9.4::baseos cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
Date Public
2024-03-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:39.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-2236"
},
{
"name": "RHBZ#2245218",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
},
{
"name": "RHBZ#2268268",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268268"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T20:07:33.124826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T20:41:08.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.gnupg.org/libgcrypt.git",
"defaultStatus": "unaffected",
"packageName": "libgcrypt",
"versions": [
{
"lessThan": "9.4.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-11.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-11.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-10.el9_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-10.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "libgcrypt",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
}
],
"datePublic": "2024-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "Covert Timing Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T19:22:48.221Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:9404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:9404"
},
{
"name": "RHSA-2025:3530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:3530"
},
{
"name": "RHSA-2025:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:3534"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-2236"
},
{
"name": "RHBZ#2245218",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-20T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-03-06T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libgcrypt: vulnerable to marvin attack",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-385: Covert Timing Channel"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-2236",
"datePublished": "2024-03-06T22:07:16.617Z",
"dateReserved": "2024-03-06T20:10:15.745Z",
"dateUpdated": "2026-02-25T19:22:48.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-2236",
"date": "2026-05-29",
"epss": "0.00684",
"percentile": "0.71986"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-2236\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-03-06T22:15:57.977\",\"lastModified\":\"2026-02-25T20:17:20.547\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla de canal lateral basada en sincronizaci\u00f3n en la implementaci\u00f3n RSA de libgcrypt. Este problema puede permitir que un atacante remoto inicie un ataque estilo Bleichenbacher, que puede conducir al descifrado de textos cifrados RSA.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-385\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:9404\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:3530\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:3534\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-2236\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2245218\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-2236\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2245218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2268268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2024-2236\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2245218\", \"name\": \"RHBZ#2245218\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2268268\", \"name\": \"RHBZ#2268268\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T19:03:39.105Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-2236\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-07T20:07:33.124826Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-12T20:41:04.823Z\"}}], \"cna\": {\"title\": \"Libgcrypt: vulnerable to marvin attack\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.4.0\", \"versionType\": \"semver\"}], \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://git.gnupg.org/libgcrypt.git\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-11.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-11.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.2::baseos\", \"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-10.el9_2.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\", \"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-10.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"libgcrypt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-20T00:00:00.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-03-06T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-03-06T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:9404\", \"name\": \"RHSA-2024:9404\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:3530\", \"name\": \"RHSA-2025:3530\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:3534\", \"name\": \"RHSA-2025:3534\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-2236\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2245218\", \"name\": \"RHBZ#2245218\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-385\", \"description\": \"Covert Timing Channel\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-02-25T19:22:48.221Z\"}, \"x_redhatCweChain\": \"CWE-385: Covert Timing Channel\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-2236\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-25T19:22:48.221Z\", \"dateReserved\": \"2024-03-06T20:10:15.745Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-03-06T22:07:16.617Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-FU-2026:21232-1
Vulnerability from csaf_suse - Published: 2026-04-17 10:34 - Updated: 2026-04-17 10:34Summary
Feature update for libgcrypt, libgpg-error
Severity
Moderate
Notes
Title of the patch: Feature update for libgcrypt, libgpg-error
Description of the patch: This update for libgcrypt, libgpg-error fixes the following issues:
Update libgcrypt to 1.12.1 (jsc#PED-15059):
* New and extended interfaces:
- Allow access to the FIPS service indicator via the new
GCRYCTL_FIPS_SERVICE_INDICATOR control code.
- Make SHA-1 non-FIPS internally for the 1.12 API
- Add Dilithium (ML-DSA) support
- Support optional random-override and support byte string data
* Bug fixes:
- Use secure MPI in _gcry_mpi_assign_limb_space.
- Use CSIDL_COMMON_APPDATA instead of /etc on Windows.
- Apply a Kyber patch from upstream.
- Fix an edge case in Jent initialization.
- mceliece6688128f: Fix stack overflow crash on win64/wine
* Performance:
- Many performance improvements, new AVX512 implementations for modern CPUs.
- Add RISC-V Zbb+Zbc implementation of CRC.
- Add RISC-V vector cryptography implementation of GHASH, AES, SHA256 and SHA512
- Add AVX2 and AVX512 code paths to improve CRC.
For a full changelog, see:
https://dev.gnupg.org/source/libgcrypt/history/master/;libgcrypt-1.12.0
Update libgpg-error to 1.58:
* New src/gpg-error.c (main): New command "fconcat".
* Rename src/spawn-posix.c (struct gpgrt_spawn_actions): Rename the field to
ENVP.
* argparse: Use SYSCONFDIR for /etc.
* Update translations for Portugese, German
* src/estream.c (parse_mode): Fix parsing of "share". Set sysopen
flag.
* syscfg: Add 64-bit Android arch.
Patchnames: SUSE-SL-Micro-6.2-585
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
7 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Feature update for libgcrypt, libgpg-error",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt, libgpg-error fixes the following issues:\n\nUpdate libgcrypt to 1.12.1 (jsc#PED-15059):\n\n* New and extended interfaces:\n - Allow access to the FIPS service indicator via the new\n GCRYCTL_FIPS_SERVICE_INDICATOR control code.\n - Make SHA-1 non-FIPS internally for the 1.12 API\n - Add Dilithium (ML-DSA) support\n - Support optional random-override and support byte string data\n\n* Bug fixes:\n - Use secure MPI in _gcry_mpi_assign_limb_space.\n - Use CSIDL_COMMON_APPDATA instead of /etc on Windows.\n - Apply a Kyber patch from upstream.\n - Fix an edge case in Jent initialization.\n - mceliece6688128f: Fix stack overflow crash on win64/wine\n * Performance:\n - Many performance improvements, new AVX512 implementations for modern CPUs.\n - Add RISC-V Zbb+Zbc implementation of CRC.\n - Add RISC-V vector cryptography implementation of GHASH, AES, SHA256 and SHA512\n - Add AVX2 and AVX512 code paths to improve CRC.\n\nFor a full changelog, see:\nhttps://dev.gnupg.org/source/libgcrypt/history/master/;libgcrypt-1.12.0\n\nUpdate libgpg-error to 1.58:\n\n * New src/gpg-error.c (main): New command \"fconcat\".\n * Rename src/spawn-posix.c (struct gpgrt_spawn_actions): Rename the field to\n ENVP.\n * argparse: Use SYSCONFDIR for /etc.\n * Update translations for Portugese, German\n * src/estream.c (parse_mode): Fix parsing of \"share\". Set sysopen\n flag.\n * syscfg: Add 64-bit Android arch.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-585",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-fu-2026_21232-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-FU-2026:21232-1",
"url": "https://www.suse.com/support/update/announcement//suse-fu-202621232-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-FU-2026:21232-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045858.html"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Feature update for libgcrypt, libgpg-error",
"tracking": {
"current_release_date": "2026-04-17T10:34:15Z",
"generator": {
"date": "2026-04-17T10:34:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-FU-2026:21232-1",
"initial_release_date": "2026-04-17T10:34:15Z",
"revision_history": [
{
"date": "2026-04-17T10:34:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.12.1-160000.1.1.aarch64",
"product": {
"name": "libgcrypt20-1.12.1-160000.1.1.aarch64",
"product_id": "libgcrypt20-1.12.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgpg-error0-1.58-160000.1.1.aarch64",
"product": {
"name": "libgpg-error0-1.58-160000.1.1.aarch64",
"product_id": "libgpg-error0-1.58-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.12.1-160000.1.1.ppc64le",
"product": {
"name": "libgcrypt20-1.12.1-160000.1.1.ppc64le",
"product_id": "libgcrypt20-1.12.1-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgpg-error0-1.58-160000.1.1.ppc64le",
"product": {
"name": "libgpg-error0-1.58-160000.1.1.ppc64le",
"product_id": "libgpg-error0-1.58-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.12.1-160000.1.1.s390x",
"product": {
"name": "libgcrypt20-1.12.1-160000.1.1.s390x",
"product_id": "libgcrypt20-1.12.1-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libgpg-error0-1.58-160000.1.1.s390x",
"product": {
"name": "libgpg-error0-1.58-160000.1.1.s390x",
"product_id": "libgpg-error0-1.58-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.12.1-160000.1.1.x86_64",
"product": {
"name": "libgcrypt20-1.12.1-160000.1.1.x86_64",
"product_id": "libgcrypt20-1.12.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgpg-error0-1.58-160000.1.1.x86_64",
"product": {
"name": "libgpg-error0-1.58-160000.1.1.x86_64",
"product_id": "libgpg-error0-1.58-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.12.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.aarch64"
},
"product_reference": "libgcrypt20-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.12.1-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "libgcrypt20-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.12.1-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.s390x"
},
"product_reference": "libgcrypt20-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.12.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.x86_64"
},
"product_reference": "libgcrypt20-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgpg-error0-1.58-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.aarch64"
},
"product_reference": "libgpg-error0-1.58-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgpg-error0-1.58-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.ppc64le"
},
"product_reference": "libgpg-error0-1.58-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgpg-error0-1.58-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.s390x"
},
"product_reference": "libgpg-error0-1.58-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgpg-error0-1.58-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.x86_64"
},
"product_reference": "libgpg-error0-1.58-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgcrypt20-1.12.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libgpg-error0-1.58-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-17T10:34:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02447-1
Vulnerability from csaf_suse - Published: 2025-07-21 14:45 - Updated: 2025-07-21 14:45Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation. (bsc#1221107)
Patchnames: SUSE-2025-2447,SUSE-SLE-Module-Basesystem-15-SP6-2025-2447,openSUSE-SLE-15.6-2025-2447
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: Fixed timing based side-channel in RSA implementation. (bsc#1221107)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2447,SUSE-SLE-Module-Basesystem-15-SP6-2025-2447,openSUSE-SLE-15.6-2025-2447",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02447-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02447-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502447-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02447-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040837.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-07-21T14:45:26Z",
"generator": {
"date": "2025-07-21T14:45:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02447-1",
"initial_release_date": "2025-07-21T14:45:26Z",
"revision_history": [
{
"date": "2025-07-21T14:45:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"product_id": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"product": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"product_id": "libgcrypt20-1.10.3-150600.3.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.10.3-150600.3.9.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.10.3-150600.3.9.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.10.3-150600.3.9.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.10.3-150600.3.9.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.10.3-150600.3.9.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.10.3-150600.3.9.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.i586",
"product": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.i586",
"product_id": "libgcrypt-devel-1.10.3-150600.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-150600.3.9.1.i586",
"product": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.i586",
"product_id": "libgcrypt20-1.10.3-150600.3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"product_id": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"product": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"product_id": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"product": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"product_id": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-150600.3.9.1.s390x",
"product": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.s390x",
"product_id": "libgcrypt20-1.10.3-150600.3.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"product_id": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"product": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"product_id": "libgcrypt20-1.10.3-150600.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"product_id": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.aarch64"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.s390x"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.aarch64"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.s390x"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-150600.3.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt-devel-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt-devel-32bit-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.aarch64",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.ppc64le",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.s390x",
"openSUSE Leap 15.6:libgcrypt20-1.10.3-150600.3.9.1.x86_64",
"openSUSE Leap 15.6:libgcrypt20-32bit-1.10.3-150600.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-21T14:45:26Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02464-1
Vulnerability from csaf_suse - Published: 2025-07-22 11:40 - Updated: 2025-07-22 11:40Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2464,SUSE-SLE-Micro-5.3-2025-2464,SUSE-SLE-Micro-5.4-2025-2464
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2464,SUSE-SLE-Micro-5.3-2025-2464,SUSE-SLE-Micro-5.4-2025-2464",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02464-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02464-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502464-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02464-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040861.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-07-22T11:40:21Z",
"generator": {
"date": "2025-07-22T11:40:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02464-1",
"initial_release_date": "2025-07-22T11:40:21Z",
"revision_history": [
{
"date": "2025-07-22T11:40:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-22T11:40:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02464-2
Vulnerability from csaf_suse - Published: 2025-08-01 09:17 - Updated: 2025-08-01 09:17Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2464,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2464,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2464,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2464,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2464,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2464,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2464
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2464,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2464,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2464,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2464,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2464,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2464,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2464",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02464-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02464-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502464-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02464-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/040994.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-08-01T09:17:59Z",
"generator": {
"date": "2025-08-01T09:17:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02464-2",
"initial_release_date": "2025-08-01T09:17:59Z",
"revision_history": [
{
"date": "2025-08-01T09:17:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32",
"product_id": "libgcrypt20-hmac-64bit-1.9.4-150400.6.11.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-cavs-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"product_id": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Proxy 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt-devel-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-32bit-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.ppc64le",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.s390x",
"SUSE Manager Server 4.3:libgcrypt20-hmac-1.9.4-150400.6.11.1.x86_64",
"SUSE Manager Server 4.3:libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-01T09:17:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02719-1
Vulnerability from csaf_suse - Published: 2025-08-07 03:38 - Updated: 2025-08-07 03:38Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2719,SUSE-SLE-Module-Basesystem-15-SP7-2025-2719
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2719,SUSE-SLE-Module-Basesystem-15-SP7-2025-2719",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02719-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02719-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502719-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02719-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041138.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE Bug 1246934",
"url": "https://bugzilla.suse.com/1246934"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-08-07T03:38:36Z",
"generator": {
"date": "2025-08-07T03:38:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02719-1",
"initial_release_date": "2025-08-07T03:38:36Z",
"revision_history": [
{
"date": "2025-08-07T03:38:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"product_id": "libgcrypt-devel-1.11.0-150700.5.7.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"product": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"product_id": "libgcrypt20-1.11.0-150700.5.7.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.11.0-150700.5.7.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.11.0-150700.5.7.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.11.0-150700.5.7.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.11.0-150700.5.7.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.11.0-150700.5.7.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.11.0-150700.5.7.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.i586",
"product": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.i586",
"product_id": "libgcrypt-devel-1.11.0-150700.5.7.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.11.0-150700.5.7.1.i586",
"product": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.i586",
"product_id": "libgcrypt20-1.11.0-150700.5.7.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"product_id": "libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"product": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"product_id": "libgcrypt20-1.11.0-150700.5.7.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"product": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"product_id": "libgcrypt-devel-1.11.0-150700.5.7.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.11.0-150700.5.7.1.s390x",
"product": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.s390x",
"product_id": "libgcrypt20-1.11.0-150700.5.7.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"product_id": "libgcrypt-devel-1.11.0-150700.5.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.11.0-150700.5.7.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.11.0-150700.5.7.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.11.0-150700.5.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"product": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"product_id": "libgcrypt20-1.11.0-150700.5.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64",
"product_id": "libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.s390x"
},
"product_reference": "libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.11.0-150700.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.aarch64"
},
"product_reference": "libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.ppc64le"
},
"product_reference": "libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.s390x"
},
"product_reference": "libgcrypt20-1.11.0-150700.5.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.11.0-150700.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.x86_64"
},
"product_reference": "libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt-devel-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-1.11.0-150700.5.7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libgcrypt20-32bit-1.11.0-150700.5.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-07T03:38:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02752-1
Vulnerability from csaf_suse - Published: 2025-08-11 13:15 - Updated: 2025-08-11 13:15Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2752,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2752,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2752,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2752,SUSE-SUSE-MicroOS-5.1-2025-2752,SUSE-SUSE-MicroOS-5.2-2025-2752,SUSE-Storage-7.1-2025-2752
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2752,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2752,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2752,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2752,SUSE-SUSE-MicroOS-5.1-2025-2752,SUSE-SUSE-MicroOS-5.2-2025-2752,SUSE-Storage-7.1-2025-2752",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02752-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02752-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502752-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02752-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041161.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-08-11T13:15:24Z",
"generator": {
"date": "2025-08-11T13:15:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02752-1",
"initial_release_date": "2025-08-11T13:15:24Z",
"revision_history": [
{
"date": "2025-08-11T13:15:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.aarch64",
"product": {
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.aarch64",
"product_id": "libgcrypt-cavs-1.8.2-150100.8.45.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"product_id": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"product": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"product_id": "libgcrypt20-1.8.2-150100.8.45.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"product": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"product_id": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.8.2-150100.8.45.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.8.2-150100.8.45.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-hmac-64bit-1.8.2-150100.8.45.1.aarch64_ilp32",
"product_id": "libgcrypt20-hmac-64bit-1.8.2-150100.8.45.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.i586",
"product": {
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.i586",
"product_id": "libgcrypt-cavs-1.8.2-150100.8.45.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.i586",
"product": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.i586",
"product_id": "libgcrypt-devel-1.8.2-150100.8.45.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.8.2-150100.8.45.1.i586",
"product": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.i586",
"product_id": "libgcrypt20-1.8.2-150100.8.45.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.i586",
"product": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.i586",
"product_id": "libgcrypt20-hmac-1.8.2-150100.8.45.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.ppc64le",
"product": {
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.ppc64le",
"product_id": "libgcrypt-cavs-1.8.2-150100.8.45.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"product_id": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"product": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"product_id": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"product": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"product_id": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.s390x",
"product": {
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.s390x",
"product_id": "libgcrypt-cavs-1.8.2-150100.8.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"product": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"product_id": "libgcrypt-devel-1.8.2-150100.8.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.8.2-150100.8.45.1.s390x",
"product": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.s390x",
"product_id": "libgcrypt20-1.8.2-150100.8.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"product": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"product_id": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt-cavs-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt-cavs-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt20-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"product_id": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Enterprise Storage 7.1:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt-devel-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-32bit-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-1.8.2-150100.8.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-11T13:15:24Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02756-1
Vulnerability from csaf_suse - Published: 2025-08-12 08:23 - Updated: 2025-08-12 08:23Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2756,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2756,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2756
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt-devel-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-32bit-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2756,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2756,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2756",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02756-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02756-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502756-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02756-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041170.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-08-12T08:23:08Z",
"generator": {
"date": "2025-08-12T08:23:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02756-1",
"initial_release_date": "2025-08-12T08:23:08Z",
"revision_history": [
{
"date": "2025-08-12T08:23:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.aarch64",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.aarch64",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.aarch64",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.aarch64",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.aarch64",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.aarch64",
"product_id": "libgcrypt20-1.6.1-16.86.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.6.1-16.86.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.6.1-16.86.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product": {
"name": "libgcrypt20-hmac-64bit-1.6.1-16.86.1.aarch64_ilp32",
"product_id": "libgcrypt20-hmac-64bit-1.6.1-16.86.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.i586",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.i586",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.i586",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.i586",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.i586",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.i586",
"product_id": "libgcrypt20-1.6.1-16.86.1.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.i586",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.i586",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.ppc64le",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.ppc64le",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.ppc64le",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.ppc64le",
"product_id": "libgcrypt20-1.6.1-16.86.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.s390",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.s390",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.s390"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.s390",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.s390",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.s390"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.s390",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.s390",
"product_id": "libgcrypt20-1.6.1-16.86.1.s390"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.s390",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.s390",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt-devel-32bit-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt-devel-32bit-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt20-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt20-32bit-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"product": {
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"product_id": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt-cavs-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt-cavs-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt-devel-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt-devel-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt-devel-32bit-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt20-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt20-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"product": {
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"product_id": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.6.1-16.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.aarch64"
},
"product_reference": "libgcrypt-devel-1.6.1-16.86.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.6.1-16.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.ppc64le"
},
"product_reference": "libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.6.1-16.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.s390x"
},
"product_reference": "libgcrypt-devel-1.6.1-16.86.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.6.1-16.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.aarch64"
},
"product_reference": "libgcrypt20-1.6.1-16.86.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.6.1-16.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.ppc64le"
},
"product_reference": "libgcrypt20-1.6.1-16.86.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.6.1-16.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.s390x"
},
"product_reference": "libgcrypt20-1.6.1-16.86.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.6.1-16.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.s390x"
},
"product_reference": "libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.s390x"
},
"product_reference": "libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x"
},
"product_reference": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt-devel-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt-devel-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-32bit-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt-devel-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-32bit-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-1.6.1-16.86.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libgcrypt20-hmac-32bit-1.6.1-16.86.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T08:23:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:02773-1
Vulnerability from csaf_suse - Published: 2025-08-13 00:10 - Updated: 2025-08-13 00:10Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).
Patchnames: SUSE-2025-2773,SUSE-SLE-Micro-5.5-2025-2773,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2773,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2773,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2773,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2773
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2773,SUSE-SLE-Micro-5.5-2025-2773,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2773,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2773,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2773,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2773",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02773-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02773-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502773-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02773-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041193.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-08-13T00:10:27Z",
"generator": {
"date": "2025-08-13T00:10:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02773-1",
"initial_release_date": "2025-08-13T00:10:27Z",
"revision_history": [
{
"date": "2025-08-13T00:10:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"product_id": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"product": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"product_id": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"product": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"product_id": "libgcrypt20-1.9.4-150500.12.3.3.aarch64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"product_id": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-devel-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product": {
"name": "libgcrypt-devel-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product_id": "libgcrypt-devel-64bit-1.9.4-150500.12.3.3.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product": {
"name": "libgcrypt20-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product_id": "libgcrypt20-64bit-1.9.4-150500.12.3.3.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product": {
"name": "libgcrypt20-hmac-64bit-1.9.4-150500.12.3.3.aarch64_ilp32",
"product_id": "libgcrypt20-hmac-64bit-1.9.4-150500.12.3.3.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.i586",
"product": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.i586",
"product_id": "libgcrypt-cavs-1.9.4-150500.12.3.3.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.i586",
"product": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.i586",
"product_id": "libgcrypt-devel-1.9.4-150500.12.3.3.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150500.12.3.3.i586",
"product": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.i586",
"product_id": "libgcrypt20-1.9.4-150500.12.3.3.i586"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.i586",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.i586",
"product_id": "libgcrypt20-hmac-1.9.4-150500.12.3.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.ppc64le",
"product": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.ppc64le",
"product_id": "libgcrypt-cavs-1.9.4-150500.12.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"product": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"product_id": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"product": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"product_id": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"product_id": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.s390x",
"product": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.s390x",
"product_id": "libgcrypt-cavs-1.9.4-150500.12.3.3.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"product": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"product_id": "libgcrypt-devel-1.9.4-150500.12.3.3.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150500.12.3.3.s390x",
"product": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.s390x",
"product_id": "libgcrypt20-1.9.4-150500.12.3.3.s390x"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"product_id": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt-cavs-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt-devel-32bit-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt-devel-32bit-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt-devel-32bit-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt20-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"product": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"product_id": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.s390x"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.s390x"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
},
"product_reference": "libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Micro 5.5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-cavs-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt-devel-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-32bit-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-1.9.4-150500.12.3.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:20490-1
Vulnerability from csaf_suse - Published: 2025-07-11 09:20 - Updated: 2025-07-11 09:20Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)
Patchnames: SUSE-SLE-Micro-6.0-381
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-381",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20490-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20490-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520490-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20490-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040931.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-07-11T09:20:30Z",
"generator": {
"date": "2025-07-11T09:20:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20490-1",
"initial_release_date": "2025-07-11T09:20:30Z",
"revision_history": [
{
"date": "2025-07-11T09:20:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-2.1.aarch64",
"product": {
"name": "libgcrypt20-1.10.3-2.1.aarch64",
"product_id": "libgcrypt20-1.10.3-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-2.1.s390x",
"product": {
"name": "libgcrypt20-1.10.3-2.1.s390x",
"product_id": "libgcrypt20-1.10.3-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-2.1.x86_64",
"product": {
"name": "libgcrypt20-1.10.3-2.1.x86_64",
"product_id": "libgcrypt20-1.10.3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.aarch64"
},
"product_reference": "libgcrypt20-1.10.3-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.s390x"
},
"product_reference": "libgcrypt20-1.10.3-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.x86_64"
},
"product_reference": "libgcrypt20-1.10.3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.aarch64",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.s390x",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.aarch64",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.s390x",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.aarch64",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.s390x",
"SUSE Linux Micro 6.0:libgcrypt20-1.10.3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T09:20:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
SUSE-SU-2025:20538-1
Vulnerability from csaf_suse - Published: 2025-07-31 09:38 - Updated: 2025-07-31 09:38Summary
Security update for libgcrypt
Severity
Moderate
Notes
Title of the patch: Security update for libgcrypt
Description of the patch: This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)
Patchnames: SUSE-SLE-Micro-6.1-196
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libgcrypt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libgcrypt fixes the following issues:\n\n- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-196",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20538-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20538-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520538-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20538-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041116.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221107",
"url": "https://bugzilla.suse.com/1221107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2236/"
}
],
"title": "Security update for libgcrypt",
"tracking": {
"current_release_date": "2025-07-31T09:38:25Z",
"generator": {
"date": "2025-07-31T09:38:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20538-1",
"initial_release_date": "2025-07-31T09:38:25Z",
"revision_history": [
{
"date": "2025-07-31T09:38:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"product": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"product_id": "libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"product": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"product_id": "libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"product": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"product_id": "libgcrypt20-1.10.3-slfo.1.1_2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64",
"product": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64",
"product_id": "libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64"
},
"product_reference": "libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le"
},
"product_reference": "libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.s390x"
},
"product_reference": "libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64"
},
"product_reference": "libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2236"
}
],
"notes": [
{
"category": "general",
"text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2236",
"url": "https://www.suse.com/security/cve/CVE-2024-2236"
},
{
"category": "external",
"summary": "SUSE Bug 1221107 for CVE-2024-2236",
"url": "https://bugzilla.suse.com/1221107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.aarch64",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.ppc64le",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.s390x",
"SUSE Linux Micro 6.1:libgcrypt20-1.10.3-slfo.1.1_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T09:38:25Z",
"details": "moderate"
}
],
"title": "CVE-2024-2236"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…